Re: [PATCH 5/6] sched/proxy: Remove PROXY_WAKING

From: John Stultz

Date: Mon Jun 01 2026 - 16:33:52 EST

On Mon, Jun 1, 2026 at 3:54 AM Peter Zijlstra <peterz@xxxxxxxxxxxxx> wrote:
> On Tue, May 26, 2026 at 01:16:14PM +0200, Peter Zijlstra wrote:
> > From: K Prateek Nayak <kprateek.nayak@xxxxxxx>
> >
> > Now that the proxy path uses ->is_blocked, use the '->is_blocked &&
> > !->blocked_on' state instead of PROXY_WAKING. Notably, this is where a
> > blocked_on relation is broken but the donor task might still need a return
> > migration.
> >
> > (Not-yet-)Signed-off-by: K Prateek Nayak <kprateek.nayak@xxxxxxx>
> > Signed-off-by: Peter Zijlstra (Intel) <peterz@xxxxxxxxxxxxx>
>
> Prateek, can I make that a normal SoB from you? I'm thinking I should
> merge sched/proxy into sched/core so we can get on with other stuff.

Just as a heads up, so in stress testing[1] over the weekend with your
sched/proxy series, I hit the below null ptr traversal that seems to
be another pick_eevdf() returning null issue.

I'm not sure if this is proxy related or not yet, so I'll be working
to reproduce (took ~31 hours to trip this one) and narrow it down.
But I'm wondering, given this pick_eevdf() returning null symptom has
been a regular issue for various bugs over time, do we need some
better debug checks to try to better these narrow down?

This was using your tree at 4d92e41a046d, plus one workaround for
binutils on my system:
https://lore.kernel.org/lkml/7b45d196-063e-4e76-b08b-ec2bcc111328@xxxxxxxxxxxxx/

[1]: Running the following in a loop: stress-ng --class scheduler
--all 1 --timeout 300

Crash below:
[112007.261294] BUG: kernel NULL pointer dereference, address: 0000000000000059
[112007.265100] #PF: supervisor read access in kernel mode
[112007.267796] #PF: error_code(0x0000) - not-present page
[112007.270507] PGD 0 P4D 0
[112007.271913] Oops: Oops: 0000 [#1] SMP NOPTI
[112007.274149] CPU: 6 UID: 0 PID: 1830390 Comm: stress-ng-cpu-s
Tainted: G W 7.1.0-rc2-00079-g7f66f556bfd7 #78
PREEMPT(full)
[112007.280445] Tainted: [W]=WARN
[112007.282098] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996),
BIOS 1.17.0-debian-1.17.0-1 04/01/2014
[112007.286982] RIP: 0010:pick_task_fair+0x49/0x7c0
[112007.289398] Code: 18 a2 02 4c 89 74 24 40 49 89 f6 44 8b 8b 50 01
00 00 48 8d bb 40 01 00 00 45 85 c9 75 27 eb 63 be 01 00 00 00 e8 b7
49 ff
ff <80> 78 59 00 75 41 48 85 c0 74 d6 48 8b b8 b8 00 00 00 48 85 ff 0f
[112007.298732] RSP: 0018:ffffc90016a5bca0 EFLAGS: 00010082
[112007.301475] RAX: 0000000000000000 RBX: ffff8881b8fada00 RCX:
fffca7c2df129800
[112007.305138] RDX: ffff888191e90080 RSI: 0000000003000c00 RDI:
ffff888106fc7600
[112007.308813] RBP: ffffc90016a5bde0 R08: fffca7c2df129800 R09:
0000000003000c00
[112007.312498] R10: 000790b20f70c03b R11: 0000000000000000 R12:
0000000000000000
[112007.316165] R13: ffffffff82f4c310 R14: ffffc90016a5bd70 R15:
ffff8881b8fada00
[112007.319866] FS: 00007fdb4d1e7b00(0000) GS:ffff8882351ee000(0000)
knlGS:0000000000000000
[112007.324083] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[112007.327102] CR2: 0000000000000059 CR3: 0000000109b7b001 CR4:
0000000000370ef0
[112007.330798] Call Trace:
[112007.332211] <TASK>
[112007.333463] ? do_nanosleep+0x1a/0x190
[112007.335475] ? dequeue_task_fair+0x2b/0x180
[112007.337698] __schedule+0x2e7/0x1e50
[112007.339633] ? lock_acquire+0xd9/0x320
[112007.341668] ? do_nanosleep+0x1a/0x190
[112007.343669] ? lock_release+0x191/0x310
[112007.345725] ? do_nanosleep+0x1a/0x190
[112007.347753] schedule+0x3d/0x130
[112007.349622] do_nanosleep+0x6f/0x190
[112007.351546] hrtimer_nanosleep+0xba/0x1f0
[112007.353682] ? lock_release+0x191/0x310
[112007.355749] ? __pfx_hrtimer_wakeup+0x10/0x10
[112007.358092] common_nsleep+0x34/0x60
[112007.360021] __x64_sys_clock_nanosleep+0xde/0x150
[112007.362544] do_syscall_64+0xf3/0x6c0
[112007.364515] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[112007.367156] RIP: 0033:0x7fdb4daba687
[112007.369087] Code: 48 89 fa 4c 89 df e8 58 b3 00 00 8b 93 08 03 00
00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24
10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff
ff ff
[112007.378506] RSP: 002b:00007fff604b87d0 EFLAGS: 00000202 ORIG_RAX:
00000000000000e6
[112007.382426] RAX: ffffffffffffffda RBX: 00007fdb4d1e7b00 RCX:
00007fdb4daba687
[112007.386111] RDX: 00007fff604b8810 RSI: 0000000000000000 RDI:
0000000000000000
[112007.389821] RBP: 0000000000000000 R08: 0000000000000000 R09:
0000000000000000
[112007.393501] R10: 00007fff604b8810 R11: 0000000000000202 R12:
00000000001bedf6
[112007.397174] R13: 000055632496f550 R14: 0000000000000033 R15:
0000000000000001
[112007.400864] </TASK>